INTERNET DRAFT Pat Fleming
<draft-fleming-ldap-printer-schema-00.txt> IBM
[Target Category: Informational] Ken Jones
Expires 15 July 2002 Bytemobile
Harry Lewis
IBM
Ira McDonald
High North
15 January 2002
LDAP Schema for Printer Services<draft-fleming-ldap-printer-schema-00.txt>
Copyright (C) The Internet Society (2002). All Rights Reserved.
Status of This Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC 2026. Internet-Drafts are
working documents of the Internet Engineering Task Force (IETF), its
areas, and its working groups. Note that other groups may also
distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
To view the list of Internet-Draft Shadow Directories, see
http://www.ietf.org/shadow.html.
Abstract
This document provides information for the Internet community. It
does not specify an Internet standard of any kind. This document
defines an LDAP schema, object classes and attributes, for printers
and printer services, for use with directories that support
Lightweight Directory Access Protocol (LDAPv3) [RFC2251]. This
document is based on the printer attributes listed in Appendix E of
Internet Printing Protocol (IPP/1.1) [RFC2911], the Service Location
Protocol (SLPv2) [RFC2608] 'service:printer:' template defined in
[SLPPRT], and the mapping between SLP service advertisements and LDAP
descriptions of services defined in [RFC2926].
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 1]

Internet Draft LDAP Schema for Printer Services 15 January 20021. Introduction
This document provides information for the Internet community. It
does not specify an Internet standard of any kind. This document
defines an LDAP schema, object classes and attributes, for printers
and printer services, for use with directories that support
Lightweight Directory Access Protocol (LDAPv3) [RFC2251]. This
document is based on the printer attributes listed in Appendix E of
Internet Printing Protocol (IPP/1.1) [RFC2911], the Service Location
Protocol (SLPv2) [RFC2608] 'service:printer:' template defined in
[SLPPRT], and the mapping between SLP service advertisements and LDAP
descriptions of services defined in [RFC2926].
Please send comments to the principal editor <flemingp@us.ibm.com>.
Appendix E of IPP/1.1 [RFC2911] specifies a list of printer
attributes which should be included in a general directory schema
describing IPP print services. The syntax for each of these
attributes is described in detail in [RFC2911] and [SLPPRT]. This
document takes these attributes and maps them to LDAP attributes and
object classes.
This document defines several object classes to provide LDAP
applications with flexible options in defining printer information
using LDAP schema. Classes are provided for defining directory
entries with common printer information and for extending existing
directory entries with SLPv2 [RFC2608], IPP/1.1 [RFC2911], and LPR
[RFC1179] specific information.
2. Terminology
This document provides information for the Internet community. It
does not specify an Internet standard of any kind.
For systems which choose to support this LDAP printer schema, the key
words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD",
"SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in sections 3 and
4 of this document are to be interpreted as described in [RFC2119].
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 4]

Internet Draft LDAP Schema for Printer Services 15 January 20023. Definition of Object Classes
We define the following LDAP object classes for use with both generic
printer related information and services specific to SLPv2 [RFC2608],
IPP/1.1 [RFC2911], and LPR [RFC1179].
slpServicePrinter - auxiliary class for SLP registered printers
printerAbstract - abstract class for all printer classes
printerService - structural class for printers
printerServiceAuxClass - auxiliary class for printers
printerIPP - auxiliary class for IPP printers
printerLPR - auxiliary class for LPR printers
The following are some examples of how applications MAY choose to use
these classes when creating directory entries:
1) Use printerService for directory entries containing common printer
information.
2) Use both printerService and slpServicePrinter for directory
entries containing common printer information for SLP registered
printers.
3) Use printerService, printerLPR and printerIPP for directory
entries containing common printer information for printers that
support both LPR and IPP.
4) Use printerServiceAuxClass and object classes not defined by this
document for directory entries containing common printer information.
In this example, printerServiceAuxClass is used for extending other
structural classes defining printer information with common printer
information defined in this document.
Note that specifying the abstract object class printerAbstract is
OPTIONAL when using printerService or printerServiceAuxClass to
create directory entries per [RFC2251].
Refer to Section 4 for definition of attribute types referenced by
these object classes. We use names instead of OIDs in MUST and MAY
for clarity. Some attribute names described in [RFC2911] have been
prefixed with 'printer-' as recommended in [SLPPRT] and [RFC2926].
For the object classes defined in this section, schema developers MAY
add to the list of MAY OIDs, but MUST NOT modify the list of MUST
OIDs and MUST NOT remove OIDs from the list of MAY OIDs. Schema
developers MAY derive additional classes from the abstract and
structural classes defined in this section. Note, an object class
definition SHOULD NOT be changed without having a new name and OID
assigned to it.
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 5]

Internet Draft LDAP Schema for Printer Services 15 January 2002
printer-service-person $
printer-delivery-orientation-supported $
printer-stacking-order-supported $
printer-output-features-supported )
)
3.3. printerService
This structural class defines printer information. It is derived
from class printerAbstract and thus inherits common printer
attributes. This class can be used with or without auxiliary classes
to define printer information. Auxiliary classes can be used to
extend the common printer information with protocol, service or
operating system specific information. Note that when extending
other structural classes with auxiliary classes, printerService MUST
NOT be used.
LDAP applications SHOULD use printer-uri as the naming attribute.
That is, when using printerService, printer-uri SHOULD be used as the
attribute type of the directory entry's relative distinguished name
(RDN). printer-uri uniquely identifies each of the printer services
for a given printer. Note that if the printer service changes
domains, printer-uri MUST be updated with the new domain name.
( 1.3.18.0.2.6.255
NAME 'printerService'
DESC 'Printer information.'
STRUCTURAL
SUP printerAbstract
MAY ( printer-uri $ printer-xri-supported )
)
3.4. printerServiceAuxClass
This auxiliary class defines printer information. It is derived from
class printerAbstract and thus inherits common printer attributes.
This class MUST be used with a structural class.
LDAP applications SHOULD use printer-uri as the naming attribute.
That is, when using printerServiceAuxClass, printer-uri SHOULD be
used as the attribute type of the directory entry's relative
distinguished name (RDN). printer-uri uniquely identifies each of
the printer services for a given printer. Note that if the printer
service changes domains, printer-uri MUST be updated with the new
domain name.
( 1.3.18.0.2.6.257
NAME 'printerServiceAuxClass'
DESC 'Printer information.'
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 7]

Internet Draft LDAP Schema for Printer Services 15 January 2002
AUXILIARY
SUP printerAbstract
MAY ( printer-uri $ printer-xri-supported )
)
3.5. printerIPP
This auxiliary class defines Internet Printing Protocol (IPP/1.1)
[RFC2911] information. It MUST be used with a structural class such
as printerService. It is used to extend structural classes with IPP
specific printer information.
( 1.3.18.0.2.6.256
NAME 'printerIPP'
DESC 'Internet Printing Protocol (IPP) information.'
AUXILIARY
SUP top
MAY ( printer-ipp-versions-supported $
printer-multiple-document-jobs-supported )
)
3.6. printerLPR
This auxiliary class defines LPR [RFC1179] information. It MUST be
used with a structural class such as printerService. It is used to
identify directory entries that support LPR.
( 1.3.18.0.2.6.253
NAME 'printerLPR'
DESC 'LPR information.'
AUXILIARY
SUP top
MUST ( printer-name )
MAY ( printer-aliases)
)
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 8]

Internet Draft LDAP Schema for Printer Services 15 January 20024. Definition of Attribute Types
The following attribute types are referenced by the object classes
defined in Section 3.
The following attribute types reference syntax OIDs defined in
Section 6 of [RFC2252] (see Section 5 'Definition of Syntaxes'
below).
The following attribute types reference matching rule names (instead
of OIDs) for clarity (see Section 6 below). Note that if the printer
information is not known, the attribute value is not set (for
optional attributes). In the following definitions, referenced
matching rules are defined in Section 8 of [RFC2252] and/or Section 6
of [X.520]. (see Section 6 'Definition of Matching Rules' below).
Note: Some implementations of LDAP servers do not support some or
all of the [X.520] matching rules in the EQUALITY, ORDERING, or
SUBSTR clauses of attribute definitions. Administrators may wish to:
1) Omit the EQUALITY clause (or at least the 'booleanMatch', which is
not defined in [RFC2252]);
2) Omit the ORDERING clause (or at least the 'integerOrderingMatch',
which is not defined in [RFC2252]);
3) Omit the SUBSTR clause.
The following table is a summary of the attribute names defined by
this document and their corresponding names from [RFC2911]. Some
attribute names described in [RFC2911] have been prefixed with
'printer-' as recommended in [RFC2926], to address the flat namespace
for LDAP identifiers.
LDAP & SLP Printer Schema IPP Model [RFC2911]
------------------------------ -------------------------------------
printer-uri
printer-xri-supported
[IPP printer-uri-supported]
[IPP uri-authentication-supported]
[IPP uri-security-supported]
printer-name printer-name
printer-natural-language-configured
natural-language-configured
printer-location printer-location
printer-info printer-info
printer-more-info printer-more-info
printer-make-and-model printer-make-and-model
printer-ipp-versions-supported ipp-versions-supported
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 9]

Internet Draft LDAP Schema for Printer Services 15 January 20024.2. printer-xri-supported
A list of XRI (extended resource identifiers) supported by this
printer. Each value of this list consists of a URI (uniform resource
identifier) followed by optional authentication and security
metaparameters. The keywords for URI and their metaparameters are:
'uri' == IPP 'printer-uri-supported' value
'auth' == IPP 'uri-authentication-supported' value
'sec' == IPP 'uri-security-supported' value
Legal values of the 'auth' metaparameter include
'none' (no authentication for this URI)
'requesting-user-name' (from operation request)
'basic' (HTTP/1.1 Basic [RFC2617])
'digest' (HTTP/1.1 Basic, [RFC2617])
'certificate' (from certificate)
per IPP Model [3] (extensions MAY also be used). A missing 'auth'
metaparameter SHALL mean 'none'. Legal values of the 'sec'
metaparameter include
'none' (no security for this URI)
'ssl3' (Netscape SSL3)
'tls' (IETF TLS/1.0, [RFC2246])
per IPP Model [3] (extensions MAY also be used). A missing 'sec'
metaparameter SHALL mean 'none'. Each metaparameter of a list member
is delimited by '<'. For example:
'uri=ipp://foo.com< auth=digest< sec=tls<'
'uri=lpr://bar.com< auth=none< sec=none<'
Registrations MAY consolidate values for metaparameters, as in the
following example:
'uri=ipp://foo.com< auth=basic,digest< sec=tls,ssl3<'
( 1.3.18.0.2.4.1107
NAME 'printer-xri-supported'
DESC 'The unordered list of XRI (extended resource identifiers)
supported by this printer. Each member of the list consists of
a URI (uniform resource identifier) followed by optional
authentication and security metaparameters.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
4.3. printer-name
The site-specific administrative name of this printer. This value of
this attribute SHOULD be in the language specified in
'printer-natural-language-configured' (although the printer's name
MAY be in any language). This name MAY be the last part of the
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 11]

Internet Draft LDAP Schema for Printer Services 15 January 2002
printer's URI or it MAY be completely unrelated. This name MAY
contain characters that are not allowed in a conventional URI (which
conforms to [RFC2396]).
( 1.3.18.0.2.4.1135
NAME 'printer-name'
DESC 'The site-specific administrative name of this printer, more
end-user friendly than a URI.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
SINGLE-VALUE
)
4.4. printer-natural-language-configured
( 1.3.18.0.2.4.1119
NAME 'printer-natural-language-configured'
DESC 'The configured language in which error and status messages will
be generated (by default) by this printer. Also, a possible
language for printer string attributes set by operator, system
administrator, or manufacturer. Also, the (declared) language
of the "printer-name", "printer-location", "printer-info", and
"printer-make-and-model" attributes of this printer. For
example: "en-us" (US English) or "fr-fr" (French in France)
Legal values of language tags conform to [RFC3066] "Tags for
the Identification of Languages".'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
SINGLE-VALUE
)
4.5. printer-location
( 1.3.18.0.2.4.1136
NAME 'printer-location'
DESC 'Identifies the location of the printer. This could include
things like: "in Room 123A", "second floor of building XYZ".'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
SINGLE-VALUE
)
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 12]

Internet Draft LDAP Schema for Printer Services 15 January 20024.6. printer-info
( 1.3.18.0.2.4.1139
NAME 'printer-info'
DESC 'Identifies the descriptive information about this printer.
This could include things like: "This printer can be used for
printing color transparencies for HR presentations", or "Out
of courtesy for others, please print only small (1-5 page) jobs
at this printer", or even "This printer is going away on July
1, 1997, please find a new printer".'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
SINGLE-VALUE
)
4.7. printer-more-info
( 1.3.18.0.2.4.1134
NAME 'printer-more-info'
DESC 'A URI used to obtain more information about this specific
printer. For example, this could be an HTTP type URI
referencing an HTML page accessible to a Web Browser. The
information obtained from this URI is intended for end user
consumption.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
)
4.8. printer-make-and-model
( 1.3.18.0.2.4.1138
NAME 'printer-make-and-model'
DESC 'Identifies the make and model of the device. The device
manufacturer MAY initially populate this attribute.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
SINGLE-VALUE
)
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 13]

Internet Draft LDAP Schema for Printer Services 15 January 20024.9. printer-ipp-versions-supported
( 1.3.18.0.2.4.1133
NAME 'printer-ipp-versions-supported'
DESC 'Identifies the IPP protocol version(s) that this printer
supports, including major and minor versions, i.e., the version
numbers for which this Printer implementation meets the
conformance requirements.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
)
4.10. printer-multiple-document-jobs-supported
( 1.3.18.0.2.4.1132
NAME 'printer-multiple-document-jobs-supported'
DESC 'Indicates whether or not the printer supports more than one
document per job, i.e., more than one Send-Document or
Send-Data operation with document data.'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
)
4.11. printer-charset-configured
( 1.3.18.0.2.4.1109
NAME 'printer-charset-configured'
DESC 'The configured charset in which error and status messages will
be generated (by default) by this printer. Also, a possible
charset for printer string attributes set by operator, system
administrator, or manufacturer. For example: "utf-8" (ISO
10646/Unicode) or "iso-8859-1" (Latin1). Legal values are
defined by the IANA Registry of Coded Character Sets and the
"(preferred MIME name)" SHALL be used as the tag. For
coherence with IPP Model, charset tags in this attribute SHALL
be lowercase normalized. This attribute SHOULD be static (time
of registration) and SHOULD NOT be dynamically refreshed
(subsequently).'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{63}
SINGLE-VALUE
)
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 14]

Internet Draft LDAP Schema for Printer Services 15 January 20024.29. printer-current-operator
( 1.3.18.0.2.4.1112
NAME 'printer-current-operator'
DESC 'The name of the current human operator responsible for
operating this printer. It is suggested that this string
include information that would enable other humans to reach the
operator, such as a phone number.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
SINGLE-VALUE
)
4.30. printer-service-person
( 1.3.18.0.2.4.1113
NAME 'printer-service-person'
DESC 'The name of the current human service person responsible for
servicing this printer. It is suggested that this string
include information that would enable other humans to reach the
service person, such as a phone number.'
EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
SINGLE-VALUE
)
4.31. printer-delivery-orientation-supported
( 1.3.18.0.2.4.1114
NAME 'printer-delivery-orientation-supported'
DESC 'The possible delivery orientations of pages as they are printed
and ejected from this printer. Legal values include;
"unknown", "face-up", and "face-down".'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{127}
)
4.32. printer-stacking-order-supported
( 1.3.18.0.2.4.1115
NAME 'printer-stacking-order-supported'
DESC 'The possible stacking order of pages as they are printed and
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 20]

Internet Draft LDAP Schema for Printer Services 15 January 20027. IANA Considerations
There are no IANA registration considerations defined by this
document.
8. Internationalization Considerations
All text string attribute values in objects of the printerService
class MUST be encoded in UTF-8 [RFC2279] characters, as required by
the syntax 'Directory String' [RFC2252]. Also, a language tag
[RFC3066] for all of the text string attributes in objects of the
printerService class SHOULD be supplied in
'printer-natural-language-configured'. Therefore, all objects of the
printerService class conform to the "IETF Policy on Character Sets
and Languages" [RFC2277].
9. Security Considerations
As with any LDAP schema, it is important to protect specific entries
and attributes with the appropriate access control. It is
particularly important that only administrators can modify entries
defined in this LDAP printer schema. For additional considerations
of deploying printers in an IPP environment, the reader is referred
to Section 8 of [RFC2911].
Obtaining a reference to an object and storing it in the directory
may make a handle to the object available to a wider audience. This
may have security implications.
10. References
[SLPPRT] St. Pierre, Isaacson, McDonald. Definition of the Printer
Abstract Service Type v2.0, <durable URL below>, May 2000.
Reviewed and approved by IETF SLP Designated Expert, according to
Section 5 'IANA Considerations' in [RFC2609].
Archived in the IANA SLP Template Registry:
ftp://ftp.iana.org/in-notes/iana/assignments/svrloc-templates/in the file 'printer.2.0.en'
[RFC1179] McLaughlin. Line Printer Daemon Protocol, RFC 1179, August
1990.
[RFC2119] Bradner. Key words for use in RFCs to Indicate Requirement
Levels, RFC 2119, March 1997.
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 23]

Internet Draft LDAP Schema for Printer Services 15 January 200213. Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
Fleming, Jones, Lewis, McDonald Expires 15 July 2002 [Page 26]